Thanks Ravi, you precisely do what a tuto did.
In fact, instead of manually adding the "*%sudo ALL=(ALL:ALL)
NOPASSWD:ALL*" line in /etc/sudoers of node machine, the tuto says to add
this line with ansible, and the command is (I created a new ubuntu VM as a
simple node (ubuntu3 with simon user, I used ssh-copy-id to copy my public
key from ubuntu1 to ubuntu3)) :
grag@ubuntu1:~/ansible$ ansible -i grt.inv -m lineinfile -a
"path=/etc/sudoers line='simon ALL=(ALL:ALL) NOPASSWD: ALL'"
--become-method=su --become --ask-become-pass ubuntu3
BECOME password:
ubuntu3 | FAILED! => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python3"
},
"changed": false,
"module_stderr": "Shared connection to ubuntu3 closed.\r\n",
"module_stdout": "\r\nsu: Échec d'authentification\r\n",
"msg": "MODULE FAILURE\nSee stdout/stderr for the exact error",
"rc": 1
}
grag@ubuntu1:~/ansible$
FYI "Échec d'authentification" means "authentication failure"
What surprised me is that since I typed simon's password, and since simon
is allowed to modified locally the /etc/sudoers file, why isn't he allowed
to do the same thing from ansible ... ?
Le dimanche 9 mai 2021 à 04:18:24 UTC+2, [email protected] a écrit :
> Hello,
> Yes, its possible to use ansible without root password.
> There are two ways you can do this.
> 1. Create an user and add that user to sudo group. Let's say username is
> anisble. These commands should be run as root in the ubuntu2 machine.
> *useradd ansible*
> *usermod -aG sudo ansible*
> *visudo*
>
> Once the visudo opens, replace this line
> *%sudo ALL=(ALL:ALL) ALL* with the line *%sudo ALL=(ALL:ALL)
> NOPASSWD:ALL*
> so that the user ansible will not be prompted for password when becoming a
> sudo user.
>
> 2. The same can be done with the ubuntu user as well.
> Let me know if there is any ambiguity.
> -Ravi Kumar
>
>
>
> On Friday, May 7, 2021 at 3:10:01 PM UTC+5:30 [email protected] wrote:
>
>> Hi all, I'm a newbee on ansible and I follow online tutos.
>>
>> I installed 2 ubuntu VM (named ubunt1 and ubunt2), one as node manager
>> (ubuntu1) and the second one as simple node (ubuntu2). The ssh connection
>> is tested and ok.
>>
>> When I installed ubuntu, I've never been asked for a root password, but
>> only for the name/password for a simple user. But this user belongs to
>> sudoers group so it can make admin tasks. So all is ok.
>>
>> The pb is that as I try to execute root tasks from ubuntu1 to ubuntu2
>> with ansible, even if ubuntu2 user belongs to sudoers groups, ansible
>> fails. And if I use the "-become" option, ansible asks me the ubuntu2 root
>> password that I don't know of course.
>>
>> In fact I feel that the fact that ubuntu2 user has sudo privilege is
>> useless.
>>
>> So how to do ?
>>
>> Thanks for your responses.
>>
>
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/014c9b22-691d-4d1a-8be5-e8a8a82b01e5n%40googlegroups.com.
